Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-12 | CVE-2006-1458 | Numeric Errors vulnerability in Apple Quicktime 7.0.3/7.0.4 Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. | 5.1 |
| 2006-05-12 | CVE-2006-1454 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime 7.0.3/7.0.4 Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data. | 5.1 |
| 2006-05-12 | CVE-2006-1453 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information. | 5.1 |
| 2006-05-10 | CVE-2006-2277 | Remote Denial Of Service vulnerability in Apple Mac OS X ImageIO OpenEXR Image File Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file. | 5.0 |
| 2006-04-25 | CVE-2006-2019 | Denial Of Service vulnerability in Apple Safari Web Browser Rowspan Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute. | 5.0 |
| 2006-04-21 | CVE-2006-1988 | Multiple Security vulnerability in Apple Mac OS X The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE. | 5.0 |
| 2006-04-21 | CVE-2006-1987 | Multiple Security vulnerability in Apple Mac OS X Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. | 7.5 |
| 2006-04-21 | CVE-2006-1986 | Multiple Security vulnerability in Apple Mac OS X Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. | 7.5 |
| 2006-04-21 | CVE-2006-1985 | Buffer Errors vulnerability in Apple mac OS X, mac OS X Server and Safari Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. | 5.1 |
| 2006-04-21 | CVE-2006-1984 | Multiple Security vulnerability in Apple Mac OS X Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference. | 5.0 |